<?php
require_once('../lb_includes/functions.inc.php');
require_once('../lb_config.inc.php');

if(isset($_POST['submitted']) && !isset($_POST['logout'])) {
    $query = "SELECT s_name FROM lb_users WHERE s_name='" 
        . $_POST['username'] . "' AND password=SHA1('" 
        . $_POST['userpasswd'] . "')";
    $result = lb_db_query($query);
    list($author) = mysql_fetch_row($result);
    lb_db_close();
    if($author) {
        setcookie('author',$author,(time() + 7 * 24 * 60 * 60),'/'); //You may add your own custom domain here.
        $url = lb_abs_url('lb_admin.php');
        header("Location: $url");
        exit();
    }
    else {
        echo lb_login_page('password');
    }
}
elseif(isset($_POST['logout'])) {
    setcookie('author','',time() - 3600,'/'); // You may add your own custom domain here.
    echo lb_login_page('logout'); // Parameter value 1 for login 0 for logout.
}
elseif(isset($_COOKIE['author'])) {
    $url = lb_abs_url('lb_admin.php');
    header("Location: $url");
    exit();
}
else {
    echo lb_login_page('login');
}
?>
